The user delete view deletes the user from the database using the user model's delete method. Add the following (and the rest of the snippets below) to your views/user_view.py file.
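```python
@user_api.route('/me', methods=['DELETE'])
@Auth.auth_required  # <- the decorator we created before
def delete():
    # The id comes from g.user (the authenticated user), not from the URL,
    # so a caller can only delete their own account
    user = UserModel.get_one_user(g.user.get('id'))
    user.delete()
    return custom_response({'message': 'deleted'}, 204)
```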
Get all Users
This method does what it says. It will return a list of all users.
Just like the view before, this endpoint will retrieve a single user by ID.
```python
@user_api.route('/<int:user_id>', methods=['GET'])
@Auth.auth_required
def get_user(user_id):
    '''
    Get a single user
    '''
    user = UserModel.get_one_user(user_id)
    if not user:
        return custom_response({'error': 'user not found'}, 404)
    ser_user = user_schema.dump(user).data
    return custom_response(ser_user, 200)
```
Get Me
This endpoint uses Flask's application context proxy, g. g is a namespace object that stores the information needed while the application handles a request. In other words, whenever someone uses the app, data the app needs to serve that request is stored in g. Here, the view reads the authenticated user's id from g.user.
```python
@user_api.route('/me', methods=['GET'])
@Auth.auth_required
def get_me():
    '''
    Get the owner's user information (me)
    '''
    user = UserModel.get_one_user(g.user.get('id'))
    ser_user = user_schema.dump(user).data
    return custom_response(ser_user, 200)
```
Login
This endpoint logs in a user. It looks the user up by email and verifies the submitted password against the hashed password stored in the database. If both match, it returns a token for the user to send with any further requests they would like to make.
```python
@user_api.route('/login', methods=['POST'])
def login():
    '''
    Validates and returns a web token
    if the user credentials are verified
    '''
    req_data = request.get_json()
    data, error = user_schema.load(req_data, partial=True)
    if error:
        return custom_response(error, 400)
    if not data.get('email') or not data.get('password'):
        return custom_response({'error': 'email and password required to login'}, 400)
    user = UserModel.get_user_by_email(data.get('email'))
    # Unknown email and wrong password return the same message and status
    if not user:
        return custom_response({'error': 'invalid credentials'}, 400)
    if not user.check_hash(data.get('password')):
        return custom_response({'error': 'invalid credentials'}, 400)
    ser_data = user_schema.dump(user).data
    token = Auth.generate_token(ser_data.get('id'))
    return custom_response({'token': token}, 200)
```
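The login flow above as a standalone sketch, added here and not part of the original tutorial: it keeps the single "invalid credentials" answer for both failure cases and also verifies against a dummy hash when the email is unknown, so both paths do the same amount of work. PBKDF2 and the HMAC-signed token are standard-library stand-ins (assumptions) for the tutorial's check_hash and Auth.generate_token, whose implementations are not shown in this section; USERS, DUMMY_HASH, SECRET and decode_token are hypothetical names.

```python
import base64, hashlib, hmac, json, os, time

SECRET = os.urandom(32)   # assumption: per-process signing key, load from config in practice
ITERATIONS = 600_000      # PBKDF2-HMAC-SHA256 work factor

def hash_password(password, salt=None):
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac('sha256', password.encode(), salt, ITERATIONS)
    return salt + digest

def check_hash(stored, password):
    # Recompute with the stored salt and compare in constant time
    return hmac.compare_digest(hash_password(password, stored[:16]), stored)

# Constructed user table standing in for UserModel
USERS = {'alice@example.com': {'id': 1, 'password': hash_password('correct horse')}}
DUMMY_HASH = hash_password('placeholder')  # checked when the email is unknown

def _sign(body):
    return hmac.new(SECRET, body, hashlib.sha256).hexdigest().encode()

def generate_token(user_id, ttl=3600):
    claims = {'sub': user_id, 'exp': int(time.time()) + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return (body + b'.' + _sign(body)).decode()

def decode_token(token):
    body, _, sig = token.encode().partition(b'.')
    if not hmac.compare_digest(sig, _sign(body)):
        return None  # signature mismatch: never parse an unverified body
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims if claims['exp'] > time.time() else None

def login(data):
    email, password = data.get('email'), data.get('password')
    if not email or not password:
        return {'error': 'email and password required to login'}, 400
    user = USERS.get(email)
    # Always run exactly one hash verification, so an unknown email costs
    # the same time as a wrong password for a known one
    ok = check_hash(user['password'] if user else DUMMY_HASH, password)
    if not user or not ok:
        return {'error': 'invalid credentials'}, 400
    return {'token': generate_token(user['id'])}, 200
```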
Update User
This endpoint takes the new information from the request body and applies it to the user's record, returning a bad request status code if the body is missing an important piece of information. It then persists the changes and sends back a 200 with the user's updated information.
```python
@user_api.route('/me', methods=['PUT'])
@Auth.auth_required
def update():
    '''
    Allows owner of profile (me)
    to update the user information
    '''
    req_data = request.get_json()
    data, error = user_schema.load(req_data, partial=True)
    if error:
        return custom_response(error, 400)
    user = UserModel.get_one_user(g.user.get('id'))
    user.update(data)
    ser_user = user_schema.dump(user).data
    return custom_response(ser_user, 200)
```
Registering the User Blueprint
The final step before the user views are finished is to register the blueprint, which is the user_api object in user_views.py. We do this by adding the following code to our src/app.py
This line should be inside the create_app function, just after the app.config calls and before we use bcrypt. We do this because we have created the app, but we haven't yet added the extra goodies we just created to it. This is called **Registering a Blueprint**. A snippet of the create_app function is shown below